[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #13716 [Tor bundles/installation]: Tor daemon apparmor profile breaks bridge restarts on Ubuntu 14.04
#13716: Tor daemon apparmor profile breaks bridge restarts on Ubuntu 14.04
--------------------------------------+-----------------------
Reporter: vladtsyrklevich | Owner: erinn
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor bundles/installation | Version:
Keywords: obfsproxy apparmor | Actual Points:
Parent ID: | Points:
--------------------------------------+-----------------------
As intrigeri noted here
https://trac.torproject.org/projects/tor/ticket/9460#comment:13 a new
apparmor mediation for signals in 14.04 breaks tor being able to kill
obfsproxy on restart (meaning it comes up without obfsproxy since the old
process continues holding on to the open port.) Example syslog:
type=1400 audit(1415580423.404:19): apparmor="DENIED" operation="signal"
profile="system_tor" pid=4514 comm="tor" requested_mask="send"
denied_mask="send" signal=term peer="unconfined"
He also mentioned that adding the correct rule would break Debian, so an
Ubuntu-specific fix was needed.
The rule that needs to be added is:
signal (send) set=("term") peer="unconfined",
Not sure if the easiest path is to wait out Debian upgrading, updating
Ubuntu packages, or adding an Ubuntu specific install line in Tor's apt
package
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13716>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs